Domain 3- Software Troubleshooting
Question 5: Which of the following is the MOST likely symptom of a dirty drum or roller in a laser printer? A vertical black or white stripe on the print job. A faint image on the print job. Lines or splotches repeated at regular intervals on the print job. Smudges on the print job.
Explanation A dirty drum or roller can create lines or splotches at regular intervals on the print job.
Question 48: A mobile device has poor performance and is slow to respond to screen inputs. After troubleshooting, a technician decides to perform a factory reset. Which of the following actions should a technician take before doing so? Perform a remote wipe to clear any personal data. Ensure that the battery is fully charged. Back up all data to an attached computer or a cloud backup service. Close all running applications.
Explanation A factory reset will clear all data from the mobile device. To prevent the loss of this data, it should be backed up to an attached computer or a cloud backup service. A remote wipe will clear all personal data, which will be lost if it has not been backed up. All running applications will be closed and overwritten during a factory reset. A factory reset can be done whether the battery is fully charged or not.
Question 55: Travis, a long-haul truck driver, reports that when driving on remote highways, his smartphone battery drains faster than normal, and his phone calls often cut out. Which of the following is the MOST likely reason for the fast battery drain? Signal drop or weak signal A defective SIM card Multiple Bluetooth connections Limited data plan
Explanation A smartphone can use excessive battery power performing cell signal searches when cell service is nonexistent, weak, or sporadic. Bluetooth connections do not require as much power as cellular and Wi-Fi. In this scenario, multiple Bluetooth connections is not the most likely reason for battery drain. A defective SIM card would most likely cause phone problems whether or not there is cellular service. Battery drain only occurs when the cellular signal is weak or nonexistent. A limited data plan does not affect battery drain or cellular connectivity.
Question 7: When you print from your laser printer, the paper contains faint images from previous printouts. Which of the following components is MOST likely the cause? (Select TWO). Transfer roller Fluorescent lamp Primary corona wire Rubber scraper Secondary corona wire
Explanation After a page is printed, a rubber scraper removes any remaining toner from the OPC drum. A fluorescent lamp removes any remaining electrical charge. If images from previous print jobs show up on the page, check these two components. The primary corona charges the drum prior to writing the image. The secondary corona charges the paper to attract the toner. If these two components are faulty, the current image might have streaks or missing parts. If the toner is not sticking to the paper, check the transfer roller.
Question 23: You have recently had an issue where a user's Windows computer was infected with a virus. After removing the virus from the computer, which of the following is the NEXT step you should take? Install all OS updates. Create a restore point. Enable System Restore. Educate the user.
Explanation After an infected computer has been remediated successfully, the next step in the best practice procedures for malware removal states that you should ensure that all OS updates are installed and that regular virus scans are scheduled. Following that action, you should enable system restore, create a new restore point, and educate end users on better practices.
Question 8: You replaced the print cartridge on an inkjet printer. What should you do next? Replace the fuser roller assembly. Send the printer to the factory for a realignment. Replace the ribbon as well. Calibrate the printer.
Explanation After replacing print cartridges, perform a calibration. The calibration uses the self test to check the printed image and make minor adjustments automatically. Calibration will help avoid blurry text, misalignment (jagged lines), or incorrect colors. Dot matrix printers use a ribbon and should be replaced if printer images become faint. Fuser roller assemblies are found in laser printers and should be replaced or cleaned if there are lines or splotches at regular intervals on the print job.
Question 12: Wendy had been searching the internet for a great deal on jewelry. While looking at one site, a pop-up was displayed that told her she had just been chosen as the winner of a nice prize. Being excited to win, Wendy clicked on the link provided to claim her prize. The next day, when Wendy tried to turn on her computer, her computer displayed the Blue Screen of Death (BSOD). After interviewing Wendy, you suspect that the pop-up she clicked on installed some malicious software that has caused her computer to lock up. Which of the following is the BEST place to begin repairing Wendy's computer? Boot the computer from the Windows installation disc and run System Restore. Boot the computer from the Windows installation disc and run Reset this PC. Boot the computer from the Windows installation disc and perform a clean installation of Windows. Boot the computer from the Windows installation disc and run Startup Repair.
Explanation Although BSOD can be caused by many things, given the circumstances and your suspicion that malware may be the cause, you should first isolate Wendy's computer and then try to make her computer bootable by running Startup Repair. Startup Repair attempts to fix problems that keep Windows from loading. If this process fixes her computer, you would then take the proper steps to find and remove the malicious software that caused the issue in the first place. If the computer does not boot after completing the above, you can try to run a System Restore. This would recover your computer to a previous point, but all of the changes made after the restore point was created would be lost. If the restore process fails, you could then try to Reset the PC. Keep in mind that this step may get the computer running again, but it will remove all of the applications and settings. If this step does work, you must still check for malicious software that may be disguised as a personal file. If all else fails, a clean installation of Windows can be performed. And if a backup of Wendy's files are available, they can be restored.
Question 31: Alice has received several calls from her friends informing her that they are receiving strange emails containing content that seems odd coming from her. Which of the following MOST likely happened on Alice's computer? A Trojan horse is running on Alice's computer. A virus or malware was installed on Alice's computer. A family member used her account to send prank emails. Alice's email account was hijacked.
Explanation Although a family member may have tried to play a trick on Alice, it is more plausible that her email was hijacked. Hijacked or hacked email accounts are suspected when those receiving the emails are confused by or suspicious of the email's content. Another indication of a hijacked email account is automated replies from unknown sent email. Email accounts can be hijacked using several techniques. Therefore, it may or may not be caused by malware or a Trojan horse. For example, some email providers, such as Yahoo, can have their systems compromised, and your email information (username and password) are sold and used to access your account. Since it is also possible that your email was compromised through malicious software, you should take the proper steps to verify that all malware software is removed.
Question 58: A technician suspects that data is being leaked from a tablet. Which of the following is the BEST tool to troubleshoot this issue? App scanner Anti-malware Force stop Wi-Fi analyzer
Explanation An app scanner can test a mobile app for security flaws. This is the best option in this scenario. Anti-malware can safeguard a mobile device from malware and ransomware, but typically doesn't check poorly written or poorly configured mobile apps for vulnerabilities. A Wi-Fi analyzer can provide signal strength and signal quality information. It can be used to detect unauthorized devices on a Wi-Fi network. It is not used to check mobile apps for security flaws. A force stop can be used to stop an application from running so that it can be uninstalled. It is not used to check mobile apps for security flaws.
Question 60: A technician suspects that an app on a tablet device may be surreptitiously using the camera without permission. Which of the following would be the BEST way to troubleshoot this issue? Check the results of a cell tower analyzer. Run an anti-malware scan. Perform a soft reset on the device. Remove all Bluetooth pairings.
Explanation An app that uses the phone camera without permission could be categorized as malware. A malware scan should detect this issue. Removing all Bluetooth pairings will not protect the camera from being used without permission. Checking the results of a cell tower analyzer will not prevent the camera being used without permission. Performing a soft reset on the device will stop all apps, but will not protect the camera from being used without permission.
Question 41: To tightly control the anti-malware settings on your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would BEST prevent this scenario from occurring again? Configure the software to automatically download the definition file updates as soon as they become available. Switch to a more reliable anti-malware software. Carefully review open firewall ports and close any unneeded ports. Create a scheduled task to run sfc.exe daily.
Explanation Anti-malware software is most effective against new threats if it has the latest definition files installed. Instead of manually updating the signature files, you should configure the software to automatically download updated definition files as soon as they become available. Use sfc.exe to repair infected files after malware has caused the damage. Using different anti-malware software will not resolve the problem if you don't apply the latest definition files.
Question 3: After removing the printed paper from your laser printer, the toner smudges and can be wiped off in places. Which of the following is the MOST likely problem? Secondary corona Print drum Primary corona Fuser rollers
Explanation Because the fuser rollers heat and press the entire paper, dirty fuser rollers are the most likely problem. The other components do not touch the paper directly.
Question 43: A technician is assisting Ann, who reports that the display on her company-issued smartphone is too dim to read in a dark room, even after she adjusts the brightness setting. Which of the following actions should the technician perform FIRST? (Choose TWO). Replace the battery. Adjust the adaptive or automatic brightness control. Adjust the battery saver setting. Replace the display. Close all running apps.
Explanation Before replacing hardware, the technician should adjust the settings that control display brightness, including adjusting the adaptive or automatic brightness control and adjusting the battery saver setting. Replacing the battery may affect screen brightness, but is not the first action to take. A faulty display may be the cause, but replacing it is not the first action to take. Too many running apps is not likely to be the problem in this scenario.
Question 18: How can you keep a Windows 10 system from automatically restarting after a critical system error occurs? Use the Last Known Good configuration option on the Advanced Startup Options menu. Use the Enable Safe Mode with Networking option on the Advanced Startup Options menu. Use the Disable automatic restart after failure option on the Advanced Startup Options menu. Use the Enable Safe Mode with Command Prompt option on the Advanced Startup Options menu.
Explanation By default, Windows is configured to reboot whenever a critical system error occurs (Blue Screen of Death). Use the Disable automatic restart after failure option on the Advanced Startup Options menu to stop the automatic reboots. Safe Mode with Networking is a variation of Safe Mode that also loads networking components if the problem is related to a network component. Safe Mode with Command Prompt is a variation of Safe Mode that allows you to boot to a command prompt. Neither of these options will stop the automatic reboots. The Last Known Good configuration option is not available in Windows 8 and later.
Question 30: Which of the following are likely symptoms of malware infection? (Select TWO). Renamed system files Operating system updates that were installed without your knowledge Receipt of phishing emails in your inbox Changed file permissions Cookies placed by a website recently visited
Explanation Common symptoms of a malware infection include the following: · Slow computer performance · Internet connectivity issues · Operating system lock ups · Windows update failures · Renamed system files · Disappearing files · Changed file permissions · Access denied errors Cookies are commonly placed by legitimate websites and aren't considered a major security threat. Windows operating systems automatically install updates by default. Receiving phishing emails doesn't necessarily indicate that the system is infected with malware. It's more likely your email address has been picked up and included on a list.
Question 40: You have just installed anti-malware software on all computers on your company's network. Which of the following additional actions would be BEST to take to help protect systems from malicious software? (Select TWO). Configure email servers to block all attachments. Require strong passwords in the local security policy. Configure all computers with a screen saver password. Disconnect all computers from the internet. Train users to scan removable storage devices before copying files. Configure the software to automatically update its definition files.
Explanation Configuring the anti-malware software to automatically update its definition files and to scan removable storage devices before copying files will help protect systems from malicious software. Configuring email servers to block all attachments might prevent some viruses, but will also prevent users from receiving necessary files through email. Disconnecting all computers from the internet will impede a productive work environment. Requiring strong passwords and configuring all computers with a screen saver password are important aspects of a security policy, but they won't prevent the transfer of malicious software.
Question 22: In which of the following situations would driver rollback be the BEST tool to use? You accidentally deleted several important emails from Outlook and need to restore them. You recently installed a new application, and now the system behaves erratically. You need to restore several driver files that were accidentally deleted. You recently installed a new video driver, and now the system behaves erratically.
Explanation Driver Rollback would be best suited to a situation where you've installed a misbehaving driver and need to revert to an older version of the driver. Driver Rollback preserves the old driver every time you install a newer driver. Therefore, you could use Driver Rollback to uninstall the current driver and restore the previous version.
Question 1: You have a workstation running Windows 10, 64-bit edition. A local printer connected to a USB port is shared so that other users can print to that printer. Users running 32-bit versions of Windows report that they can't install the driver for the shared printer. Users running a 64-bit version of Windows do not have any problems. Which of the following actions will MOST likely fix this problem? (Select TWO). Move the printer to a computer running a 32-bit operating system and share the printer. Configure the printer to run in 32-bit emulation mode. On your computer, add the x86 drivers. Configure one computer running a 32-bit operating system with the correct driver. Share the network printer and have all 32-bit computers connect to that computer. Manually install the correct driver on each computer that is having a problem.
Explanation Each network host that wants to use the printer must have the correct printer driver installed. When you share a printer in Windows, the current printer driver is automatically delivered to clients that connect to the shared printer. If the client computers run a different version of Windows, you can add the necessary printer drivers to the printer object. Manually adding drivers to every client is also an option, but is not efficient, as the drivers can be delivered automatically when the computers connect to the shared printer. Sharing the printer on a 32-bit operating system would require adding the drivers for 64-bit clients. There's no such thing as 32-bit emulation mode on printers.
Question 47: Joe has been issued a company-owned tablet. He finds that the performance decreases after a few hours of use. After he power-cycles the tablet, performance returns, but the tablet begins to slow again after an hour of use. Which of the following is the BEST action to troubleshoot the problem? Replace the tablet battery. Disable wireless networking. Reset the tablet to factory defaults. Check the number apps that are running.
Explanation Each running app consumes tablet resources such as memory and CPU. Multiple apps contending for scarce resources may cause poor performance. All mobile devices provide the user the ability to either close all running apps or stop them selectively. Resetting the tablet to factory defaults will remove all installed apps and data. This action should be used as a last resort. Replacing the tablet battery will not likely improve performance, especially if the tablet was connected to an external power source. Disabling wireless networking is often used when troubleshooting performance, but is not the best action in this scenario.
Question 6: Which of the following paper types should not be used in inkjet printers? Any colored paper Very glossy paper Paper that is not specifically marked "For inkjet printers." Multi-purpose paper
Explanation Early inkjet printers required paper specially manufactured for inkjet printers. Now, inkjet printer paper is not necessary. However, you still need to consider the paper's qualities and factors such as how the paper absorbs the ink. Very glossy paper that does not absorb ink well can be problematic.
Question 19: A user reports that his machine will no longer boot properly. After asking several questions to determine the problem, you suspect the user unknowingly downloaded malware from the internet, and that the malware corrupted the boot block. Based on your suspicions, which of the following actions would you MOST likely take to correct the problem? (Select TWO.) Run sfc.exe. Boot into Safe Mode and try removing the malware. Have the user attend an internal internet safety training course. Boot from the Windows installation DVD and use the Recovery Environment to run a startup repair. Reimage the machine.
Explanation From the Recovery Environment, run a startup repair operation. If you have an existing image of the computer, you could also reimage the system. However, all data and applications added to the system since the image was created will be lost. Reimaging the system will typically get Windows back up and running on the computer more quickly than manually re-installing the operating system. User training is a preventative measure against malware infections; however, the training will not repair the current damage. Sfc.exe scans every system file in the operating system for altered files, but does not scan the master boot record or the volume boot record. Since the machine no longer boots properly, booting into Safe Mode is not an option in this scenario.
Question 4: Your laser printer prints a vertical black line on every page. You change the toner cartridge, but the problem does not go away. What is the MOST likely problem? A corona wire is dirty. The paper is poor quality. The fuser assembly is damaged. The photosensitive drum is wearing out.
Explanation If a corona wire is dirty, it might not create a uniform charge. As a result, the toner might not be attracted correctly to the photosensitive drum or paper. A vertical stripe is a typical symptom of this problem. Be careful when cleaning a corona wire because they are delicate.
Question 38: Your anti-malware software has detected a virus on your Windows 10 system. However, the anti-malware software is unable to remove it. When you try to delete the files, you can't because they are in use. Which of the following actions would be BEST to try first? Run Sfc.exe. Boot into Safe Mode and try removing the malware. Update the anti-malware definition files. Reset the operating system.
Explanation If a malware process is running and you are unable to stop it, try booting into Safe Mode and then run the scanning software to locate and remove the malware (or delete the files manually). Safe Mode loads only the required drivers and processes. Anti-malware definition files are used to identify a virus; in this case, the anti-malware software has already detected the virus so the files are sufficiently up-to-date to detect the virus. Resetting the operating system might be necessary, but should only be tried after all other measures have failed. Sfc.exe checks and repairs system files.
Question 10: A user has created a complex spreadsheet on her workstation containing many graphs and charts. She sent the document to an older network laser printer that is shared by everyone in her department. When she picked up the output, only the top half of each page was printed, and the bottom half was blank. Which of the following will MOST likely rectify this issue? Install additional memory in her workstation. Update the printer driver on her workstation. Install additional memory in the printer. Instruct her to not create such complex print jobs. Ask the network administrator to increase the speed of the network link in her department.
Explanation If only part of a page is printed on a laser printer (and the rest of the page is blank), you most likely need to add memory in the printer. This is especially true if it happens when complex graphical documents are printed, but printing works correctly with text-only documents. In rare circumstances, updating the printer driver could also fix the issue, but this is unlikely. The speed of the network link does not affect the quality of the printer output.
Question 28: Bob calls and complains that he has suddenly started getting a lot of unwanted email. Which of the following is the BEST type of software to install to help solve Bob's problem? Anti-virus Anti-malware Anti-spam Anti-plagiarism
Explanation In computer terms, SPAM email (or junk email) is the unsolicited email users receive. One of the best ways to prevent receiving this type of email is to use anti-spam software. Anti-malware software helps protects a computer from software that is intentionally designed to cause harm or damage to your computer. Anti-virus software helps protect the infiltration and spread of malicious code that is designed to alter the way a computer operates. Anti-plagiarism software helps detect when someone has plagiarized someone else's material.
Question 24: You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0 subnet using the default subnet mask. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix . : mydomain.local Description . . . . . . . : Broadcom network adapter Physical Address. . . . . . : 00-AA-BB-CC-74-EF DHCP Enabled . . . . . . . : No Autoconfiguration Enabled. . . : Yes IPv4 Address . . . . . . . : 192.168.1.102(Preferred) Subnet Mask . . . . . . . : 255.255.255.0 Default Gateway. . . . . . . . . : 192.168.2.1 DNS Servers. . . . . . . . . . . : 192.168.2.20 Which of the following is the MOST likely cause of the problem? Incorrect subnet mask Incorrect IP address Incorrect DNS server address Incorrect default gateway
Explanation In this example, the default gateway address is incorrect. The default gateway address must be on the same subnet as the IP address for the host. The host address is on the 192.168.1.0/24 subnet, but the default gateway address is on the 192.168.2.0 subnet.
Question 59: A technician is tasked with configuring a user's personal tablet to connect to the corporate network. Which of the following should be performed before configuring access? Check that the battery is fully charged.. Close all running apps. Reset the tablet to factory defaults. Check the tablet for unauthorized root access.
Explanation Jailbreaking or rooting a mobile device weakens its built-in security and can expose sensitive data to cyber-fraud. A best practice is to deny access to a secure network to any device that has been given unauthorized root access. Resetting the tablet to factory defaults will uninstall all apps and remove data. This is not warranted in this scenario. Closing all running apps is not a requirement in this scenario. Checking that the battery is fully charged is not a requirement to access a network.
Question 42: You have installed anti-malware software on computers at your business. Within a few days, however, you notice that one computer has a virus. When you question the user, she says she did install some software a few days ago, but it was supposed to be a file compression utility. She admits she did not scan the file before running it. Which of the following should you add to your security measures to help prevent this from happening again? Proxy server Account lockout User awareness training Close unused firewall ports
Explanation Many anti-malware prevention measures are ineffective if users take actions that put their computers at risk (such as downloading and running files or copying unscanned files to their computers). If users are educated about malware and about the dangers of downloading software, the overall security of the environment improves. A proxy server controls access to the internet based on username, URL, or other criteria. Account lockout helps prevent attackers from guessing passwords. Firewall ports might be used by some malware, but will not prevent malware introduced by a downloaded and installed file.
Question 57: Joe, a user, is walking through a shopping mall. His phone frequently displays a message that additional information is needed to log in. Which of the following is the MOST likely cause of these messages? Leaked personal files Unintended Wi-Fi connections Weak or dropped cellular signal Unauthorized location tracking
Explanation Many devices are configured to access any wireless connection based on signal strength by default. Secured Wi-Fi connections request additional information to log in. For better security, disable automation Wi-Fi connectivity on mobile devices. Cellular service does not require login information. A weak or dropped cell signal is not the cause of the messages. Leaked personal files can be the results of poor security. This is not a cause of these message. Unauthorized location tracking may present messages, but they are not likely to ask for additional log in information.
Question 50: One of your users suspects that the battery in their notebook computer is failing. You test it by using a known good power adapter to plug it in long enough to receive a full charge. The battery reads that it is fully charged in Windows. You then disconnect the laptop from its power source and wait to see how long the battery lasts. The battery dies after only about 15 minutes. Which of the following actions would MOST likely cix this problem? Put the battery in another notebook to verify that it is, in fact, the battery that is failing. Assume the battery is failing and replace it. Calibrate the battery to synchronize the power meter to the actual charge capacity of the battery. Configure the Power Scheme settings to minimize battery usage.
Explanation Most notebook batteries only last 1-3 years. When they can't hold a charge for more than a few minutes, you can safely assume it's time to replace the battery.
Question 25: Which of the following techniques are used in a pharming attack to redirect legitimate web traffic to malicious websites? (Select TWO). Exploiting DHCP servers to deliver the IP address of poisoned DNS servers Man-in-the-middle attack Changing the hosts file of a user's computer Dictionary attack Search engine results poisoning
Explanation Pharming redirects one website's traffic to a bogus website designed to look like the real website. Once the user is there, the attacker tricks the user into supplying personal information, such as bank account and PIN numbers. Pharming works by resolving legitimate URLs to the IP address of malicious websites. This is typically done using one of the following techniques: · Changing the hosts file of a user's computer · Poisoning a DNS server · Exploiting DHCP servers to deliver the IP address of malicious DNS servers in DHCP leases Search engine results poisoning is not typically associated with pharming attacks. A man-in-the-middle attack occurs when the attacker intercepts legitimate network traffic and then poses as one of the parties involved in the network communication. A dictionary attack is used to crack passwords by guessing the password from a list of likely words.
Question 32: You have installed anti-malware software that checks for viruses in e-mail attachments. You configure the software to quarantine any files with problems. You receive an email with an important attachment, but the attachment is not there. Instead, you see a message that the file has been quarantined by the anti-malware software. Which of the following BEST describes what happened to the file? The infection has been removed, and the file has been saved to a different location. The file extension has been changed to prevent it from running. It has been deleted from your system. It has been moved to a folder on your computer.
Explanation Quarantine moves the infected file to a secure folder, where it cannot be opened or run normally. By configuring the software to quarantine any problem files, you can view, scan, and try to repair those files. Quarantine does not automatically repair files. Deleting a file is one possible action to take, but this action removes the file from your system.
Question 33: While running a full system scan using your anti-malware software, three files have been identified as possible problems. You want to keep the files intact so you can review them later, but you also need to ensure they can't harm anything else on your computer. Which of the following is the BEST next step? Rename the files. Repair the infected files. Delete the files. Quarantine the files.
Explanation Quarantining is moving the infected file to a secure folder where it cannot be opened or run normally. You might quarantine an infected file that cannot be repaired to see if another tool or utility might be able to recover important data from the file. During a repair, the virus is removed, and the file is placed back in its original state (if possible). Deleting the file removes the file from your system. Renaming the file might not offer sufficient protection because the virus might be able to still run, or it might be able to rename or replace the infected files.
Question 45: For the past few days, a mobile phone has stopped functioning and will not respond to touchscreen input. A soft reset no longer returns functionality. Which of the following is the BEST step the user can take to fix this problem? Close all running apps Remove and replace the battery Perform a force stop Reset to factory default
Explanation Resetting to factory default will uninstall all apps and remove all data. This is the best option in this scenario. If the mobile phone does not respond to touchscreen input, there will be no way to close all running apps. Removing and replacing the battery is similar to a soft reset, which has not corrected the problem. If the mobile phone does not respond to touchscreen input, there is no way to perform a force stop.
Question 27: Some software on Rachel's computer is telling her that her computer is at risk and that she needs to purchase an upgrade for the software before the risk can be removed. Confused, Rachel calls you (the IT specialist) for advice. After meeting with Rachel, you discover that the pop-up warnings only began after she installed a plug-in for her internet browser. Which of the following is the MOST likely cause of these warning messages? Hijacked email Rogue antivirus App scanner SPAM
Explanation Rogue antiviruses are programs maliciously added to a computer, which will then often display pop-up or warning messages that try to scare a user into purchasing fake products to clean their computers. SPAM is the type of unwanted and unsolicited email a user gets. Hijacked email is when someone deceptively takes over your legitimate email account, typically by guessing your password. App scanner is software that allows a mobile phone to scan documents.
Question 36: After using your computer for a few months, you have decided it is best to install anti-malware software. After the software has been installed, you want to ensure that there are no existing files on your system that are infected. Which of the following is the BEST next step? (Select TWO). Quarantine your computer. Manually create a restore point. Encrypt the hard disk drive. Run a full scan. Download the latest definition files.
Explanation Run a full system scan to check files already on your computer. In addition, you should schedule full system scans to run periodically. You should also update the engine and definition files. Quarantining the system isn't necessary unless malware is discovered that could spread to other systems over a network connection. Manually creating a restore point isn't necessary in this scenario, nor is encrypting the hard disk drive.
Question 15: You have a computer that runs Windows 7, and you want to install Windows 10. You are not concerned about keeping any of the existing data currently on the drive, and you want to do a clean install. After placing the Windows 10 installation DVD in the optical drive, you restart the computer, but it does not boot to the DVD, and you are unable to install Windows. Which of the following are the BEST methods for installing Windows from the DVD? (Select TWO. Each choice is a complete solution.) While the computer is rebooting, press and hold the Windows + C. From the UEFI or BIOS firmware, change the boot order. While the computer is rebooting, press the Ctrl + Alt + Del keys. While the computer is rebooting, press and hold Ctrl + C. While the computer is rebooting, press the boot menu function key.
Explanation Since the computer did not recognize the DVD on restart, you will need to either change the boot order from within the computes UEFI or BIOS firmware settings, or you can press the boot menu key, which will allow you to boot from the DVD. The exact function key that can be pressed is determined by the computer's manufacturer. Examples include, F8, F12, F11, and F10. The other key combinations listed in the question will not allow you to boot to the DVD.
Question 49: After Joe, a user, installs a new game app on his mobile phone, downloads and webpage loads become slower than usual. Which of the following actions would BEST address this issue? Close the new app. Uninstall the new app and scan for malware. Reset to factory defaults. Force stop the new app.
Explanation Slow data speeds can be an indication of malware, especially if the malware is consuming bandwidth to propagate. The best action is to uninstall the new app and use anti-malware apps and app scanners to inspect for malware. Force stopping the new app will help, but not all apps will respond to a force stop, especially if they are malware. This is not the best action in this scenario. Reset to factory defaults will uninstall all apps and remove data. This should be done as a last resort. A closed app may still run in the background. This is not the best action in this scenario.
Question 29: Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims? Trojan Spamming Crimeware Email hijacking
Explanation Spamming is a type of malicious activity in which numerous unwanted and unsolicited email messages are sent to a wide range of victims. Spam itself may or may not be malicious in nature. Unfortunately, spam accounts for 40 to 60 percent of the email traffic on the internet. Most of this activity is unsolicited.
Question 9: After receiving several complaints from the employees in your company, you start to troubleshoot a laser printer. After a short while, you have concluded that the most probable cause is a dirty drum. Which of the following is the MOST logical reasons for this conclusion? Ghost images on the page A blank page Spots at regular intervals on the page Garbage characters on the page \
Explanation Spots at regular intervals on the page typically indicate a dirty drum. Blank pages are caused by no toner or a faulty primary corona. Ghost images are caused by a faulty scraper blade or discharge lamp. Garbage characters are caused by using the wrong print driver.
Question 51: A technician is troubleshooting a company cell phone that is overheating. Which of the following is the FIRST action the technician should perform? Close all applications. Determine whether the user has been streaming data. Update the operating system. Determine whether the battery is warped or swollen.
Explanation Swollen, warped, cracked, or broken batteries can be dangerous. If the cell phone is overheating, check for a defective battery first. If the battery is normal, closing applications may reduce the heat generated by the elevated workload. If the battery is normal, updating the operating system may increase efficiency, thereby reducing the workload causing the overheating. If the battery is normal, allowing the phone to rest and cool down will reduce any heat caused by the increased workload of data streaming, such as watching an online movie.
Question 37: You've just received an email message that indicates a new serious malicious code threat is spreading across the internet. The message contains detailed information about the threat, its source code, and the damage it can inflict. The message states that you can easily detect whether or not you have already been a victim of this threat by the presence of three files in the \Windows\System32 folder. As a countermeasure, the message suggests that you delete these three files from your system to prevent the code from spreading further. Based on the email message, which of the following are the next BEST actions to complete? (Select TWO). Verify the information on well-known malicious code threat management web sites. Distribute the message to everyone in your address book. Delete the indicated files if present. Reboot the system. Run a full anti-malware scan. Perform a complete system backup.
Explanation The best first step to take after receiving an e-mail message about a new malicious code threat is to verify the information it contains. You can easily verify information by visiting two or more well-known malicious threat management websites. These sites can be your anti-malware vendor or a well-known and well-regarded internet security watch group. All too often, messages of this type are hoaxes. It is important not to fall prey to email hoaxes or spread them to others. If you are still concerned, you could run a full anti-malware scan on your system. Your first step should not be to follow any directions included in the e-mail, especially deleting files. You should never forward email warnings until you have firmly established the authenticity and validity of such information. Making a full backup is often a good idea, but it is not necessary in this instance.
Question 34: You have discovered that a system on your network has been infected with a worm. Your top priority is to prevent the worm from spreading to other systems while you work on removing the worm. Which of the following is the BEST next step to take? Update the anti-malware definition files on all computers. Quarantine the computer. Run a system scan on other computers. Close the firewall ports that the worm uses.
Explanation The best way to prevent a worm (or any other type of malicious code) from spreading is to quarantine the system. Quarantine places the computer in an isolated network or removes the computer from the network completely so that it cannot interact with other computers. Updating the definition files and scanning other computers makes sure the worm hasn't affected other systems. However, if the definition file does not identify the worm, it will have no effect on stopping its spread. Closing firewall ports might help, but is not as sure a method of protecting your system as quarantining the infected computer.
Question 39: A user reports that his machine will no longer boot properly. After asking several questions to determine the problem, you suspect the user unknowingly downloaded malware from the internet, and that the malware has infected the system. Based on your suspicions, which of the following actions would you MOST likely take to correct the problem? (Select TWO). Revert the system to a restore point created before the malware infection occurred. Have the user attend an internal internet safety training course. Use an anti-malware scanner to scan for and remove the infection. Run sfc.exe. Reinstall Windows on the system.
Explanation The first step would be to run an anti-malware scan on the system to see if it can locate and remove the malware infection. If that doesn't work, you could also revert the system to a restore point that was created before the malware infection occurred. User training is a preventative measure against malware infections; however, the training will not repair the current damage. Sfc.exe scans every system file in the operating system for altered files. This may or may not help remediate the malware infection. Reinstalling Windows is a last resort after every other option has been exhausted.
Question 11: You're troubleshooting a computer that runs Windows 10. The operating system has halted and a blue screen is displayed on the monitor with an error message. What is the first step you should take to troubleshoot the issue? Update the BIOS. Remove all memory modules and replace them one at a time until the error reappears. Search for the error in Microsoft's knowledge base or using an internet search engine. Uninstall the last application or system update that was installed. Check the voltage levels on the DC side of the power supply.
Explanation The first thing you should do when a Blue Screen of Death is displayed is identify the source of the error by searching for the error text message in Microsoft's knowledgebase or across the internet in general using a search engine such as Google. This will help you identify what is causing the problem so you can troubleshoot it.
Question 53: A technician installs a new touch screen on a laptop. Directly touching on an on-screen button doesn't depress or activate the button, but touching near the button does. Which of the following actions will correct the misalignment? Calibrate the touchscreen. Update the touchscreen display driver. Disable all mouse or touchpad devices. Lower the screen resolution.
Explanation The misalignment can be corrected by running the utility to calibrate the touchscreen. A reboot may be required after you save the calibration data. Updating the touchscreen driver does not recalibrate or correct the misalignment. Other mouse or touchpads actions does not affect the screen misalignment. The screen resolution is independent of the screen misalignment.
Question 52: Sound isn't coming from the internal speaker on a tablet device, even after a user checks its volume settings and makes sure it is not muted. Which of the following is the MOST likely reason? The audio output is being directed to a Bluetooth speaker. Multiple apps are sending audio to the speakers. The battery needs to be charged. The tablet is set to airplane mode.
Explanation The most likely cause of this problem is that the audio output is being directed to a Bluetooth speaker. Tablet speakers will still function in airplane mode. A low battery is unlikely to interrupt audio. On a tablet, typically, the focused app controls audio functions. If a background app has audio, it will be interrupted by the focused app. This conflict will not cause the internal speakers to cease functioning.
Question 54: A technician finds that after restoring the operating system on a mobile device, the touch screen operates unpredictably. This happens in both the default orientation or when the screen is rotated. Which of the following would BEST correct the problem? Screen calibration Wi-Fi calling Virtual assistant App Store
Explanation The touchscreen may be misaligned after restoring the operating system. You can rectify this by following the manufacturer's instructions for the device to recalibrate the screen. Virtual assistant is an application that understands voice commands and completes tasks for the users. A virtual assistance might suggest a screen calibration or open the screen calibration utility when given the device symptoms, but is not the best answer is this scenario. The App Store may have an application that could help calibrate a touch screen, but is not the best answer is this scenario. Wi-Fi calling is the ability to make phone calls and send text messages over a Wi-Fi connection.
Question 26: While browsing the internet, a pop-up browser window is displayed warning you that your system is infected with a virus. You are directed to click a link to remove the virus. Which of the following are the next BEST actions to take? (Select TWO). Update the virus definitions for your locally-installed anti-malware software. Use a search engine on the Internet to learn how to manually remove the virus. Run a full system scan using the anti-malware software installed on your system. Close the pop-up window and ignore the warning. Click on the link provided to scan for and remove the virus.
Explanation This is an example of a rogue anti-virus attack. As such, you should assume that your system may have been infected by some time of malware, possibly by one of the sites you visited recently. You should first close your browser window and then update the virus definitions for your locally-installed anti-virus software. Once done, you should Run a full system scan using the anti-virus software installed on your system. Clicking the link provided would be the worst choice as it will most likely install a host of malware on your system. Ignoring the message is unwise as your system has probably been infected with malware that should be removed. You shouldn't try to manually remove the virus as the message displayed by the rogue anti-virus attack is probably fictitious.
Question 21: A user installs a new graphics application on her Windows system. During the installation process, the application prompts the user to load a custom video driver that has been optimized for the application. She does so and then completes the installation. Several days later, the user reports that her display doesn't seem to be working properly under some conditions. To fix the problem, you need to reload the old video driver. Which of the following actions are the BEST choices? (Select TWO). Boot from the Windows installation media and select the Startup Repair option. Use Device Manager to roll back the video driver. Use Device Manager to disable the video driver. Revert the system to a restore point prior to installing the video driver. Boot to advanced startup menu and select Last Known Good Configuration.
Explanation To roll back to a previous driver, access Device Manager and then use the Roll Back Driver option available in the video driver's properties. You may need to boot the system into Safe Mode first if the problem is serious enough to make the display difficult to see. Alternatively, you could also revert the system to a prior restore point that was created before the problematic driver was installed. You should not disable the driver in this situation. The Last Known Good configuration boot option is only available on Windows 7 and earlier systems. Even if it were available, it would not work in this scenario because the system has been rebooted, and the user has logged in since the change was made. Running a startup repair would not correct a problem with an erratic video driver.
Question 56: Maria, a smartphone user, has recently installed a new app. She now experiences a weak signal and sometimes a complete signal loss at locations where she had a good cell signal in the past. Her phone battery is fully charged. Which of the following actions would BEST address this issue? Reset to factory defaults. Use a cell tower analyzer to determine normal signal strength. Force stop the new app. Uninstall the new app and scan for malware.
Explanation Weak or lost cell signals can be an indication of malware, especially if the location's signal has been good in the past. The best action is to uninstall the new app and use anti-malware apps and app scanners to inspect for malware. Force stopping the new app will help, but not all apps will respond to a force stop, especially if they are malware. This is not the best action in this scenario. Reset to factory defaults will uninstall all apps and remove data. This should be done as a last resort. A cell tower analyzer will confirm the strength of the cell signal, but will not explain the weak or lost cell signal. This is not the best action in this scenario.
Question 20: You have decided to install a new Ethernet network adapter in your Windows 10 desktop computer. After installing the card and booting to Windows, you notice that you have no network connection. After looking in Device Manager, you see that the new network card was detected, but Windows doesn't know what it is. After doing a quick search on the internet, you find what looks like the correct driver and install it. A reboot of Windows is performed, but almost immediately after logging on, your computer crashes. Thinking this must be a fluke, you reboot again with the same result. Which of the following is the BEST tool to get Windows to load properly? Boot from the Windows installation DVD and restore your computer back to a previous restore point. Boot to Safe Mode and uninstall the network driver. Boot to the computers BIOS/UEFI settings and uninstall the network driver. Boot from the Windows installation DVD and run Start-up Repair.
Explanation When a computer starts in Safe Mode, only the bare minimum background services that are very important to boot and run the Windows are initialized. From this mode, you can then find the driver that is causing problem and uninstall it. On some systems, booting to the BIOS/UEFI settings will let you boot to Safe Mode, but you cannot uninstall the driver causing your computer to crash from the BIOS/UEFI settings interface. The Start-up Repair option will scan your PC for problems like missing or damaged system files, but it won't let you uninstall the bad device driver, causing your computer to crash. System Restore lets you restore your computer back to a previous restore point. Although this would work, it will undo any other changes you may have made since the last restore point was created. Therefore, it is best to try boot to Safe Mode and uninstall the bad driver from there.
Question 44: Joe, a frequent visitor to a branch office, attempts to connect his tablet to the office wireless network, but is unable to connect to the internet, even though he has verified that the SSID and password are correct. Joe attempts to connect to a coworker's hotspot, but is still unable to connect to the internet. Which of the following is the MOST likely cause of this issue? Joe's tablet has been configured with full device encryption. The connection between the branch office router and internet service provider is down. MAC filtering has been enabled on the branch office wireless access point. Airplane mode has been set on the tablet.
Explanation When a mobile device has no wireless connectivity, the most frequent reason is that Airplane Mode has been set on the device. The tablet could not connect to the internet from neither the office wireless access point, nor from a coworker's hotspot. This indicates a problem with the tablet, not a problem with the branch office network. The tablet would not be able to connect to the branch office wireless network if MAC filtering was enabled and the tablet was not on the approved list. If the tablet was on the approved list, MAC filtering would not affect internet connectivity. While full device encryption may affect the tablet's performance, it would not affect internet connectivity.
Question 13: Nathan, a long-time Mac user, has been using his Mac computer for some time now with no issues. Recently, however, he reported that his cursor turns into a pinwheel and he can't do anything. Which of the following would be the BEST first step for troubleshooting this issue? Disconnect all external devices except the keyboard and mouse. Verify that your disk has enough free space. Update your firmware. Determine if the problem is caused by software or hardware. Install all available software updates.
Explanation When troubleshooting system lockups, a good place to start is to determine if the problem is being caused by software or hardware. Once you know that you can narrow your troubleshooting steps further. All of the other options are valid ways to troubleshoot and fix problems causing a system lockup, but isolating the issue as a software or hardware issue is the first path to explore.
Question 16: You have booted your Windows workstation into Safe Mode and enabled Boot Logging. To which log file is the boot logging information now being written? Myboot.txt Ntbtlog.txt Bootlog.txt Boot.log
Explanation When you choose Enable Boot Logging, entries are written to the Ntbtlog.txt file. This file is created in the %WinDir% folder.
Question 35: You are an IT technician for your company. Vivian has been receiving error messages indicating that some of her Windows system files are corrupt or missing. To fix this issue, you ran the Windows System File Checker tool (SFC.exe). Shortly after the files were repaired, Vivian calls again because she is still having the same issue. You now suspect that the corruption or renaming of the system files is being caused by malware. Which of the following is the next BEST step that should be taken? Quarantine Vivian's computer. Disable System Restore. Perform a scan using anti-malware software. Back up Vivian's critical files and perform a clean install of Windows.
Explanation When you suspect that a computer may be infected with malware, you should immediately quarantine the computer to prevent the propagation of the malware. After the computer is isolated, you can begin to remove the malware, starting by disabling System Restore, updating your anti-malware software, and then performing an anti-malware scan. Backing up an infected computer only saves the problem for future users.
Question 14: You need to boot a Windows 10 system into Safe Mode. Which steps will accomplish this task? (Select TWO. Each choice is a complete solution.) Press ALT at startup. Select Start > Settings > Update & Security > Recovery > Advanced startup > Restart Now. Press F8 at startup. Press F2 at startup. Run the msconfig.exe utility and specify the boot mode.
Explanation You can also boot the system into Safe Mode by selecting Start > Settings > Update & Security > Recovery > Advanced startup > Restart now. The computer restarts into the Advanced Startup Options and then select Troubleshoot > Advanced Options > Startup Settings > Restart. The system will restart and then select the desired Safe Mode option. Alternately you can run the msconfig.exe utility to specify which boot mode you would like to use, then reboot the system. When working with Windows 7 and earlier, pressing the F8 button during the system boot brings up the Advanced Boot Options menu. This option is not available by default on systems running Windows 8 and later. Pressing F2 during the boot process brings up the UEFI/Bios on many systems. Pressing ALT does not do anything on most systems.
Question 46: You recently upgraded a client's older workstation from Windows 7 to Windows 10. The client has called to complain that the interface is very slow. For example, after clicking on the Start button, the Start Menu slowly appears on the screen. Which of the following will MOST likely fix this problem without requiring a hardware upgrade? Increase the resolution of the display. Increase the color depth of the display. Set the visual effects for best performance. Increase the hardware acceleration settings.
Explanation You need to adjust the visual effects for best performance. This will disable animation, shading, and fading effects used by Windows. Doing so reduces the load on the older hardware used in the client's systems and should increase the performance of the user interface. However, the best resolution to this problem would be to install a newer video adapter in the system. Changing the resolution setting changes the size of text and windows in relation to the screen. Changing the color depth affects the number of colors that can be displayed at one time. Increasing the video acceleration settings increases the amount of processing done by the video card instead of the CPU.
Question 17: Rodney, a user in the research department, reports that he is experiencing blue screen errors while using his Windows computer. You ask Rodney if anything has changed on the computer recently. Rodney explains that he recently installed a TV tuner board in an expansion slot. Now he has to reboot the computer every time he loads the TV tuner application to watch TV. You need to fix Rodney's computer and prevent Rodney from using the TV until you can install an updated driver. What should you do? Boot the system from a Windows installation disc and select the Startup Repair option. Boot the system into Safe Mode. Disable the TV tuner driver in Device Manager. Re-install Windows from the installation disc. Reboot the system and select Safe Mode. Edit the properties of the TV tuner driver in Device Manager and select Roll Back Driver. Use the Reset This PC option in the Settings app.
Explanation You should disable the driver. Although you might be able to disable the driver without booting in Safe mode, booting in Safe mode is a good way to prevent drivers that could interfere with your task from being loaded. Resetting or reinstalling the operating system are drastic troubleshooting options. You should try simpler resolutions first before restoring to more aggressive options. Because the boot process is functioning, there is no indication that the boot sector or master boot record needs fixing using the Startup Repair.
Question 2: A customer who uses a Windows computer recently purchased an inkjet printer from your store. She is now calling to complain that the colors in the photos she printed on her new printer don't match the colors in the original photos created by the photo shop. Which of the following actions will MOST likely resolve the issue? (Select TWO). Download and install the latest printer drivers. Educate the customer on the limitations of inkjet printers. Run the Windows FIXCOLR utility to automatically calibrate the driver's color settings. Use Driver Rollback to restore an earlier version of the printer driver. Use the Color Management tab of the printer driver to calibrate the driver's color settings. Instruct the customer to upgrade to a color laser printer.
Explanation You should download and install the latest printer driver and then use the Color Management tab to adjust the driver's color settings. Many times, installing the latest driver alone will fix color issues. If not, then you can manually adjust the color settings until they match the original.
